Mailinglist Archive: opensuse (4610 mails)

< Previous Next >
Re: [opensuse] Can spam be defeated?
  • From: Sandy Drobic <suse-linux-e@xxxxxxxxxxxxxxxxxxxxxxx>
  • Date: Fri, 22 Dec 2006 11:32:48 +0100
  • Message-id: <458BB450.6040405@xxxxxxxxxxxxxxxxxxxxxxx>
Carlos E. R. wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


The Thursday 2006-12-21 at 14:08 +0100, Sandy Drobic wrote:

However, I understand that this is precisely what SuSE server does. You
know, _I_ would be rejected otherwise ;-)
The Suse server is not exactly high-volume. It may receive some ten thousand
mails per day, not much more. Believe me, if the list server had to process
all mails that it is SENDING for spam and viruses it would need some SERIOUS
hardware. (^-^)

Probably. What about gmail? I can send to them ;-)

They are welcome to receive whatever spam they want. On the other hand I am not happy when they forward the crap to my server, which does happen again and again.

I am very glad that the suse server accepts mails from dynamic ips. Though the
listserver has the protection of only allowing the list subscribers as sender
addresses. That is probably why it is possible at all.

That's true, but I understand the entry server was the same for the whole company - SuSE, that is, not Novell. Maybe the use other blocks, but AFAIK, not dymamic IPs. Which is very fortunate for me, of course.

True, it is after all a Linux product they support, and on linux you will likely have more network services installed like a web or mailserver than on a windows machine.

So my policy is to use pretty reasonable checks that seldom reject wanted
mails, configure a whitelist for those few (usually a handful within some
month) and let spamassassin analyse the rest.

I suppose I would do mostly the same in your place.

In the end it comes down to "how do I implement a transparent and robust mail system, that works efficiently without needing too much fiddling and attention?".

So each administrator has do decide for himself:
- how reliable should mail be received
- how much spam can be received without hindering daily work
- what legal requirements does he have to obey

The answers and your priorities change with every company.

Since robust and capable server hardware has become easily affordable it is
possible for low-level volume sites (less than 50000 mails per day) to use
pre-queue content filtering and reject the mails directly. The configuration
is a bit more difficult because all filtering has to be done fast and only as
many concurrent connections are possible as concurrent content_filter
processes are supported by the hardware.

pre-queue? Wow. :-O

What kind of software do they use for that? Can postfix do that?

I know that postfix and amavisd-new are used on some low-level volume sites to filter mail in a pre-queue configuration.

The real trouble is you have to configure your system with two priorities:
- filtering must be fast to avoid time-outs during mail processing
- hardware must be reasonable fast to provide enough resources for sufficient concurrent mail connections

These days you can buy a decent but relatively cheap server with
- 2 dualcore cpus
- fast raid controller with big cache and bbu
- 4 GB RAM
- GBit LAN

That will allow you to set up a server that can process at least 30 concurrent mails (depending on your max allowed mailsize, header/body checks and your content_filter configuration) without much problems.

For most low-volume sites this will be enough, and they can reject recognized spam directly. Of course this does not work if you need to allow huge mails.

Sandy
--
List replies only please!
Please address PMs to: news-reply2 (@) japantest (.) homelinux (.) com
--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

< Previous Next >